NewKerala.com

US Sanctions Russian Exploit Broker in Landmark Cyber Theft Case

The United States has imposed its first sanctions under the Protecting American Intellectual Property Act (PAIPA) on Russian national Sergey Zelenyuk and his company, Operation Zero, for acquiring and selling stolen American cyber tools. The action, supported by the Treasury Department, targets the theft of at least eight proprietary cyber tools created for exclusive U.S. government use. In a parallel case, Australian national Peter Williams pleaded guilty to stealing these tools from a U.S. company and selling them to Operation Zero for millions in cryptocurrency. Officials state such theft poses a serious threat to U.S. national security and economic prosperity, costing industry billions annually.

Key Points: US Sanctions Russian Broker for Stealing Cyber Tools

  • First sanctions under new PAIPA law
  • Targets Russian broker & his company
  • Tools stolen from US firm & sold
  • Parallel criminal case against Australian
3 min read

US sanctions Russian exploit broker in cyber theft case

US imposes first sanctions under new law on Russian broker Sergey Zelenyuk for stealing and selling proprietary American cyber tools.

"If you steal US trade secrets, we will hold you accountable. - Treasury Secretary Scott Bessent"

Washington, Feb 25

The United States imposed sanctions on a Russian exploit broker and several associated entities accused of acquiring and selling stolen American cyber tools, in what officials described as the first action under a new law aimed at protecting US intellectual property.

The measures target Russian national Sergey Sergeyevich Zelenyuk and his company, Operation Zero. The action coincides with a separate criminal case against Australian national Peter Williams, who pleaded guilty last year to stealing proprietary cyber tools from a US company and selling them to Operation Zero.

The Department of State said it was sanctioning one individual and two entities under the Protecting American Intellectual Property Act (PAIPA) "in connection with theft of trade secrets from US persons". It said these were the first designations under the law and were supported by concurrent Treasury sanctions.

"Theft of trade secrets, particularly in relation to sensitive and emerging technologies, poses a serious threat to US national security and economic prosperity," Principal Deputy Spokesperson Tommy Pigott said in a February 24 statement. He added that such theft "harms US national security, jobs, companies, and investments, while costing US industry billions of dollars each year".

In parallel action, the Treasury Department's Office of Foreign Assets Control (OFAC) designated Zelenyuk and Matrix LLC, doing business as Operation Zero, along with five associated individuals and entities.

According to Treasury, Zelenyuk and Operation Zero trade in "exploits" - pieces of code that exploit software vulnerabilities to gain unauthorised access to or control of devices. Operation Zero acquired "at least eight proprietary cyber tools" created for the exclusive use of the US government and select allies. The tools were stolen from a US company and later sold to "at least one unauthorized user".

"If you steal US trade secrets, we will hold you accountable," Treasury Secretary Scott Bessent said. "Treasury will continue to work alongside the rest of the Trump Administration to protect sensitive American intellectual property and safeguard our national security."

The sanctions coincide with an investigation by the Department of Justice and the Federal Bureau of Investigation into Williams, a former employee of the affected US company. He pleaded guilty on October 29, 2025, to two counts of theft of trade secrets.

Officials said Williams stole proprietary cyber tools between 2022 and 2025 and sold them to Operation Zero in exchange for millions of dollars paid in cryptocurrencies.

The State Department also sanctioned an affiliated UAE company, Special Technology Services LLC FZ, under PAIPA. The law authorises sanctions against persons who knowingly engage in, or benefit from, significant theft of trade secrets of US persons when such theft threatens US national security, foreign policy or economic stability.

As a result of the action, all property and interests in property of the designated persons in the United States, or in the possession or control of US persons, are blocked.

- IANS

Share this article:

Reader Comments

S
Sarah B
Interesting to see the UAE company also sanctioned. Shows how these networks operate globally. The use of cryptocurrency for payment makes tracking harder. Governments worldwide need to update their financial surveillance laws.
V
Vikram M
While I support action against theft, the US often applies sanctions unilaterally. What about when other countries' IP is stolen? The rules-based order must work both ways. Still, a good precedent under the new law.
P
Priya S
This is a wake-up call for Indian IT firms. We handle so much sensitive data for global clients. Internal security and employee background checks are just as important as firewalls. Jai Hind!
R
Rohit P
"Exploit brokers" – a new term for me. The digital black market is scary. Hope our CERT-In and cyber cells are learning from such cases. Our own Aadhaar and UPI systems must be protected at all costs.
M
Michael C
The Australian national involved shows it's not just state actors. Greed drives individuals too. Companies need better internal controls. The millions paid in crypto would be life-changing money, a huge temptation.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50